Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.
Run the mandatory verification stack when changes affect runtime code, tests, or build/test behavior in the OpenAI Agents JS monorepo.
Generate a code quality report for the orchestrator/ folder focusing on duplication, complexity hotspots, and error/logging consistency, using npm run check:all as the primary gate; report only (no code changes).
Multi-AI validation, scoring, and review using Codex and Gemini CLIs (Double Diamond Deliver phase). Use when: AUTOMATICALLY ACTIVATE when user requests validation, scoring, or review:. "review X" or "validate Y" or "test Z". "score this", "quality check", "validate before shipping"
Audit codebases for quality, consistency, and broken patterns — use for pre-release or tech debt review. Use when: AUTOMATICALLY ACTIVATE when user requests auditing:. "audit and check the entire app". "audit X for Y" or "check for broken features"
Expert multi-AI code review with quality and security analysis
Switch to Knowledge Work mode for research and writing — use when task is non-code focused
Verify claims with actual evidence before declaring success — use to prevent false completion. Use when: Use when about to claim work is complete, fixed, or passing.. Auto-invoke before: commits, PRs, task completion, moving to next task.. ALWAYS use before expressing satisfaction ("Done!", "Fixed!", "All passing!").
Process screenshot-based UI/UX feedback to fix visual issues. Use when: AUTOMATICALLY ACTIVATE when user provides visual feedback:. "[Image X] The /settings should be Y". "[Image X] these button styles need to be fixed"
参数校验指南,涵盖 JSR-303 注解校验、自定义校验器、分组校验、嵌套校验、错误消息国际化。当用户实现参数校验、编写自定义校验注解、处理校验错误或配置校验分组时使用。
Create or update a `.changeset/*.md` file for the current branch or PR in this repository, choose the correct package scope and release type, and verify the result against repo-specific Changesets config. Use when a publishable package changed, when a PR is missing a changeset, when an existing changeset needs correction, or when Codex needs to confirm whether a branch should have a changeset at all.
触发:当一项工作已经完成、进入阶段验收、收到批评反馈,或反复出现同类错误需要系统纠偏时调用;常见信号包括 review、audit、retrospective、quality check、纠错与复盘。 English: Trigger after delivery or at a review checkpoint when quality must be examined honestly and errors must be corrected without defensiveness. Use this skill for structured self-review, feedback processing, and continuous correction.
Use this skill when writing or reviewing TypeScript code in the frontend to follow project conventions. Covers naming standards (kebab-case files), import patterns, error handling, type safety (no any), and ESLint/Prettier configuration. Apply when authoring new TypeScript files, reviewing code style, or resolving linting issues.
TypeScript coding standards for the Exceptionless frontend. Naming, imports, error handling, ESLint/Prettier configuration, and type safety. Keywords: TypeScript, ESLint, Prettier, naming conventions, kebab-case, named imports, type guards, interfaces, avoid any, Promise handling, try catch, braces
Review code using Linus Torvalds' "good taste" philosophy. Eliminates defensive code, special cases, and deep nesting. Use when reviewing code quality, refactoring, or checking for code smells.
Step-by-step guide for adding a new diff output renderer to diffsitter. Use when adding a new output format.
Expert Rust guidance for diffsitter: tree-sitter FFI patterns, lifetime management, unsafe optimization, edition 2024 idioms. Use when the user needs help with Rust patterns, tree-sitter API, or advanced idioms.
Code quality standards — lint (eslint/oxlint), type check (tsc), pre-commit hooks, and comment conventions. All comments must be in English.
Comprehensive PR code review for OneKey monorepo. Use when reviewing PRs, code changes, or diffs — covers security (secrets/PII leakage, supply-chain, AuthN/AuthZ), code quality (hooks, race conditions, null safety, concurrent requests), and OneKey-specific patterns (Fabric crashes, MIUI, BigNumber). Triggers on "review PR", "review this PR", "code review", "check this diff", "审查 PR", "代码审查", "review
